package com.szeastroc.eureka.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;



@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter{

	protected void configure(HttpSecurity httpSecurity) throws Exception{
		
		httpSecurity.authorizeRequests().antMatchers("","").permitAll()
			.antMatchers("/css/**").hasRole("/index")
			.antMatchers("/user").hasRole("USER")
			.antMatchers("/blogs").hasRole("USER")
			.and()
			.formLogin().loginPage("/login").failureUrl("/login-error")
			.and()
			.exceptionHandling().accessDeniedPage("/401");
		httpSecurity.logout().logoutSuccessUrl("/");
	}
	
	
}
